68 matches found
util-linux security, bug fix, and enhancement update
2.23.2-33.0.1 - fix Oracle bug 23001516 - backport lscpu: correct the Virtualization type on Xen DomU PV guest - Reviewed-by: Joe Jin 2.23.2-33 - improve patch for 1007734 libblkid realpaths 2.23.2-32 - improve patch for chrt1 deadline support 1298384 - fix 1007734 - blkid shows devices as...
openSUSE Security Update : systemd (openSUSE-2016-487)
This update for systemd fixes several issues. These security issues were fixed : - CVE-2014-9770, CVE-2015-8842: Don't allow read access to journal files to users boo972612 These non-security issues were fixed : - Import commit 523777609a04fe9e590420e89f94ef07e3719baa: e5e362a udev: exclude MD fr...
cronic Arbitrary File Write Vulnerability
cronic is a shell script maintained by software developer Daniel Lange for wrapping cron jobs to prevent redundant email delivery. An arbitrary file write vulnerability exists in cronic, which can be exploited by an attacker by creating a symbolic link /tmp/cronic.out.PID - /etc/fstab to write...
USN-2845-1 sosreport vulnerabilities
Dolev Farhi discovered an information disclosure issue in SoS. If the /etc/fstab file contained passwords, the passwords were included in the SoS report. This issue only affected Ubuntu 14.04 LTS. CVE-2014-3925 Mateusz Guzik discovered that SoS incorrectly handled temporary files. A local attacke...
powerpc-utils: snap creates archives with fstab and yaboot.conf which may expose certain passwords
A flaw was found in the way the snap utility of powerpc-utils generated an archive containing a configuration snapshot of a service. A local attacker could obtain sensitive information from the generated archive such as plain text passwords...
sos: does not indicate data sent is potentially sensitive on Red Hat Enterprise Linux 5
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux RHEL 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive...
SUSE-RU-2015:0574-1 Security update for powerpc-utils
The 'snap' system information collection tool of the PowerPC Utils package collected fstab and yaboot.conf files which might contain passwords. CVE-2014-4040 As these files are of interest, we now print a warning that the user of the 'snap' tool should check if private passwords are in those file...
DEBIAN-CVE-2014-4040
snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a...
UBUNTU-CVE-2014-4040
snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a...
Design/Logic Flaw
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux RHEL 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive...
CVE-2014-3925
CVE-2014-3925 affects sosreport in Red Hat sos 1.7 and earlier on RHEL 5, where the generated archive may contain an fstab with cleartext passwords and lacks a warning to review for passwords, enabling potential sensitive-information disclosure if an attacker can access the technical-support data...
UBUNTU-CVE-2014-3925
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux RHEL 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive...
CVE-2014-3925
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux RHEL 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive...
CentOS 4 : util-linux (CESA-2009:0981)
An updated util-linux package that fixes one security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The util-linux package contains a collection of basic system utilities, such as fdisk and mount. A log...
util-linux-ng security, bug fix and enhancement update
2.17.2-12.9 - fix 892471 - CVE-2013-0157 mount folder existence information disclosure 2.17.2-12.8 - fix 679833 - RFE tailf should support - fix 719927 - RFE add adjtimex --compare functionality to hwclock - fix 730272 - losetup does not warn if backing file is 512 bytes - fix 730891 - document...
Slackware Advisory SSA:2005-255-02 util-linux umount
The remote host is missing an update as announced via advisory SSA:2005-255-01. OpenVAS Vulnerability Test $Id: esoftslkssa200525502.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
Scientific Linux Security Update : util-linux-ng on SL6.x i386/x86_64
The util-linux-ng packages contain a large variety of low-level system utilities that are necessary for a Linux operating system to function. Multiple flaws were found in the way the mount and umount commands performed mtab mounted file systems table file updates. A local, unprivileged user allow...
Scientific Linux Security Update : virt-v2v on SL6.x x86_64
virt-v2v is a tool for converting and importing virtual machines to libvirt-managed KVM Kernel-based Virtual Machine. Using virt-v2v to convert a guest that has a password-protected VNC console to a KVM guest removed that password protection from the converted guest: after conversion, a password...
mount.cifs - chdir() Arbitrary Root File Identification
mount.cifs - chdir Arbitrary Root File Identification Blueliv Advisory 2012-004 - Discovered by: Jesus Olmos Gonzalez at Blueliv - Risk: 5/5 - Impact: 1/5 1. VULNERABILITY ------------------------- linux privileged and arbitrary chdir, this leads to an arbitary file identification as root. 2...
Linux Gather Saved mount.cifs/mount.smbfs Credentials
Post Module to obtain credentials saved for mount.cifs/mount.smbfs in /etc/fstab on a Linux system. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux Gather Saved mount.cifs/mount.smbfs...